modules_k/permissions: allow_trusted(): Make the multiple matches feature configurable, defaulting to single match.

modules_k/permissions/doc/permissions_admin.xml

@@ -669,6 +669,27 @@ modparam("permissions", "tag_col", "peer_tag")
 ...
 modparam("permissions", "peer_tag_avp", "$avp(i:707)")
 ...
+</programlisting>
+		</example>
+	</section>
+	<section>
+		<title><varname>peer_tag_mode</varname> (integer)</title>
+		<para>
+		Tag mode for allow_trusted(). 0 sets only the tag of the
+		first match. 1 adds the tags of all matches to the avp. In addition
+		the return value of allow_trusted() is the number of matches.
+		</para>
+		<para>
+		<emphasis>
+		Default value is <quote>0</quote>.
+		</emphasis>
+		</para>
+		<example>
+		<title>Set <varname>peer_tag_mode</varname> parameter</title>
+		<programlisting format="linespecific">
+...
+modparam("permissions", "peer_tag_mode", "1")
+...
 </programlisting>
 		</example>
 	</section>

modules_k/permissions/hash.c

@@ -40,6 +40,9 @@
 static int     tag_avp_type;
 static int_str tag_avp;
 
+extern int peer_tag_mode;
+
+
 
 /*
  * Parse and set tag AVP specs
@@ -247,6 +250,8 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg,
 					return -1;
 				}
 			}
+			if (!peer_tag_mode)
+				return 1;
 			count++;
 		}
 	}

modules_k/permissions/permissions.c

@@ -68,6 +68,7 @@ str proto_col = str_init("proto");         /* Name of protocol column */
 str from_col = str_init("from_pattern");   /* Name of from pattern column */
 str tag_col = str_init("tag");             /* Name of tag column */
 str tag_avp_param = {NULL, 0};             /* Peer tag AVP spec */
+int peer_tag_mode = 0;                     /* Add tags form all mathcing peers to avp */
 
 /* for allow_address function */
 str address_table = str_init("address");   /* Name of address table */
@@ -159,6 +160,7 @@ static param_export_t params[] = {
 	{"from_col",           STR_PARAM, &from_col.s        },
 	{"tag_col",            STR_PARAM, &tag_col.s         },
 	{"peer_tag_avp",       STR_PARAM, &tag_avp_param.s   },
+	{"peer_tag_mode",      INT_PARAM, &peer_tag_mode     },
 	{"address_table",      STR_PARAM, &address_table.s   },
 	{"grp_col",            STR_PARAM, &grp_col.s         },
 	{"ip_addr_col",        STR_PARAM, &ip_addr_col.s     },

modules_k/permissions/permissions.h

@@ -61,6 +61,8 @@ extern str grp_col;       /* Name of address group column */
 extern str ip_addr_col;   /* Name of ip address column */
 extern str mask_col;      /* Name of mask column */
 extern str port_col;      /* Name of port column */
+extern int peer_tag_mode; /* Matching mode */
+
 
 typedef struct int_or_pvar {
     unsigned int i;

modules_k/permissions/trusted.c

@@ -384,6 +384,8 @@ static int match_res(struct sip_msg* msg, int proto, db1_res_t* _r)
 					return -1;
 				}
 			}
+			if (!peer_tag_mode) 
+				return 1;
 			count++;
 		}
 	}